Vulnerability Description
The 'control' in Parrot ANAFI USA firmware 1.10.4 does not check the MAV_MISSION_TYPE(0, 1, 2, 255), which allows attacker to cut off the connection between a controller and the drone by sending MAVLink MISSION_COUNT command with a wrong MAV_MISSION_TYPE.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Parrot | Anafi Firmware | 1.10.4 |
Related Weaknesses (CWE)
References
- http://anafi.comNot Applicable
- http://nvd-cwe-other.comBroken Link
- https://forum.developer.parrot.com/t/cve-2024-33844-bugs-in-anafi-thermal-usa-fiVendor Advisory
- https://forum.developer.parrot.com/t/cve-2024-33844-bugs-in-anafi-thermal-usa-fiVendor Advisory
- http://anafi.comNot Applicable
- http://nvd-cwe-other.comBroken Link
- https://forum.developer.parrot.com/t/cve-2024-33844-bugs-in-anafi-thermal-usa-fiVendor Advisory
- https://forum.developer.parrot.com/t/cve-2024-33844-bugs-in-anafi-thermal-usa-fiVendor Advisory
FAQ
What is CVE-2024-33844?
CVE-2024-33844 is a vulnerability with a CVSS score of 7.5 (HIGH). The 'control' in Parrot ANAFI USA firmware 1.10.4 does not check the MAV_MISSION_TYPE(0, 1, 2, 255), which allows attacker to cut off the connection between a controller and the drone by sending MAVLi...
How severe is CVE-2024-33844?
CVE-2024-33844 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2024-33844?
Check the references section above for vendor advisories and patch information. Affected products include: Parrot Anafi Firmware.